Overview

Consequence criteria are standard definitions used to assess the potential impact a risk could have on a business. They typically include a combination of measurable and subjective factors and help in enabling consistent evaluation of risk consequences. This benefits decision makers by ensuring consistency of risk assessments.

In StartRisk, users are required to set consequence criteria for each risk class when first setting up their business. This step is supported by the StartRisk AI which will produce recommendations for consequence criteria based on the context known about the business. It’s important to review and tailor these to the unique needs and characteristics of the business.

Risk Consequence Definitions Screen in New Business Wizard:

Screenshot 2024-02-26 at 10.12.08 am.png

Once the consequence criteria are defined, the definitions will appear at points in StartRisk where users are assessing consequence ratings for risks. We aim to have this information visible while users are assessing or reviewing risks to support consistency in assessments.

Consequence Selection View in Risk Editor:

Screenshot 2024-02-26 at 10.10.17 am.png

Risk consequence criteria may be required to be changed in certain circumstances. For example if the definitions are leading to an over-reporting of critical risks or if there is a change in strategic objectives and/or risk appetite. Risk Class owners are able to change the consequence criteria from the risk class page by clicking the settings icon.

Key Concepts

Risk Class: A categorisation of similar risks based on shared characteristics or areas of impact, allowing for targeted management and reporting.

Consequence Criteria: The specific outcomes or impacts defined for each risk class, used to assess the severity of a risk event. These criteria are a mix of qualitative descriptions and quantitative measures.